But there is a problem; if you are using a certificate that Flash doesn’t like, it doesn’t work at all. And you don’t get an error message. In Windows this is solved pretty well. If Internet Explorer trusts a certificate, so does Flash. But on Linux, flash only checks the system certificate store. And on Fedora, it doesn’t even do that.

To fix it until Adobe fixes the bug, run as root:

mkdir /etc/ssl && ln -sf /etc/pki/tls/certs /etc/ssl/certs

Come to think of it, is there a way to tell where the system certs should be found?

It sounds like Flash is just using the OpenSSL default location. Fedora does move this, but Flash is probably carrying around its only reference to /etc/ssl/certs.

As for the system default, things are complicated by the existence of multiple crypto libraries in most Linux distros. OpenSSL has a plain list (or directory) of CAs, while NSS uses a database format with additional info on each CA (email signer vs. SSL signer, etc).

Jonas: I’ve seen stats that say 98% of web users have flash installed. (Obviously that’s changing now that more people are using mobile devices) Firefox users make up 20-50% web users depending on your audience. I’m not that interested in arguing about whether Flash is good or bad. Happily, I’m not a flash developer. I simply want the software I use to work.